113b02c407bb6c4654b50f5dfaf7ec71_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

113b02c407bb6c4654b50f5dfaf7ec71_JaffaCakes118
Size

352KB
MD5

113b02c407bb6c4654b50f5dfaf7ec71
SHA1

59c3ce90d039f7d53190a952285edbdae2581ff7
SHA256

d7de81ba01c2a4e1df42f7b6d4acff05c588950abc5ab6d1e2e6ebfefce5f9af
SHA512

3857d90e76dbf092a1a77ce91affe03d1712b707585479871acbbfdda42569a5f81010440e4db30409b90bbaae297f48f18a3d0a2d6324a04351fdc86aee3076
SSDEEP

6144:5wE0wqul2lJjbNG30YZiozF9IgdFHgagS/6pIIm6t6BlVdVUvIzm5fiMLSLGJMyQ:5wIUnA3zTzF/i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
113b02c407bb6c4654b50f5dfaf7ec71_JaffaCakes118

Files

113b02c407bb6c4654b50f5dfaf7ec71_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0363a8444ef9978c1d73bfdb7a154aff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClassLongA
FindWindowA
UpdateWindow
RegisterClassA
ShowWindow
DestroyIcon
IsWindowVisible
LoadCursorA
GetWindowRect
DrawEdge
MessageBoxA
IsWindow
TrackPopupMenu
TrackPopupMenuEx
IsRectEmpty
RemoveMenu
SetMenuItemBitmaps
DefWindowProcA
CreateWindowExA
RegisterClassExA
RedrawWindow
LoadIconA
SetMenuDefaultItem
PtInRect
ScrollWindowEx
EndDeferWindowPos
TranslateMessage
PeekMessageA
ShowCaret
DestroyWindow
wvsprintfA
WaitMessage
EndDialog
GetMenuItemID
MessageBeep
GetMessagePos
SetTimer
GetDesktopWindow
ReleaseDC
GetSystemMenu
CreatePopupMenu
CharUpperA
GetWindowTextA
IsWindowEnabled
BeginDeferWindowPos
WindowFromPoint
TranslateAcceleratorA

gdi32

GetWindowOrgEx
GetObjectA
DeleteDC
GetDeviceCaps
DeleteObject
CreateDCA

wininet

HttpSendRequestA
InternetTimeToSystemTime
InternetTimeFromSystemTime
InternetGetConnectedState
HttpQueryInfoA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetCloseHandle
InternetCrackUrlA
InternetErrorDlg
InternetConnectA

ole32

OleSetContainedObject
DoDragDrop
StringFromGUID2
CoRegisterClassObject
OleFlushClipboard
CLSIDFromString
GetRunningObjectTable
OleCreateFromData
GetClassFile
CoRegisterMessageFilter
StgOpenStorage
CoCreateInstance
OleLockRunning
CreateDataAdviseHolder
StgIsStorageILockBytes
CoFreeUnusedLibraries

shlwapi

PathIsUNCA
PathStripToRootA
PathRemoveExtensionA
PathFindFileNameA

shell32

DragQueryFileA
ord155
DragFinish

kernel32

VirtualAlloc
GetACP
DosDateTimeToFileTime
GetLastError
LCMapStringA
ReadFile
SetFileAttributesA
UnhandledExceptionFilter
IsValidLocale
SetUnhandledExceptionFilter
TerminateProcess
SetHandleCount
FileTimeToSystemTime
FreeEnvironmentStringsW
GetDateFormatA
GetEnvironmentStrings
SetStdHandle
LCMapStringW
HeapCreate
LoadResource
GetStringTypeW
GetStdHandle
TlsSetValue
WideCharToMultiByte
GetEnvironmentStringsW
SetConsoleCtrlHandler
FlushFileBuffers
HeapSize
GetModuleHandleA
GetLocaleInfoW
EnumResourceLanguagesA
LocalFree
SetLastError
GetCurrentThreadId
InterlockedExchange
QueryPerformanceCounter
GetOEMCP
CloseHandle
VirtualFree
GetLocalTime
GetCommandLineA
GetCurrentProcess
GetSystemInfo
InitializeCriticalSection
VirtualProtect
TlsAlloc
IsBadWritePtr
FatalAppExitA
SetFilePointer
SetEnvironmentVariableA
GetStartupInfoA
GetCPInfo
GetVersionExA
GetStringTypeA
CreateThread
WriteFile
MultiByteToWideChar
GetFileAttributesA
GetCurrentProcessId
HeapDestroy
IsBadReadPtr
GetTickCount
EnumSystemLocalesA
EnterCriticalSection
LoadLibraryA
DeleteFileA
RtlUnwind
UnmapViewOfFile
GetTimeFormatA
HeapFree
CompareStringW
VirtualQuery
HeapAlloc
FindNextFileA
RaiseException
GetSystemTimeAsFileTime
TlsGetValue
LeaveCriticalSection
FreeEnvironmentStringsA
ExitProcess
HeapReAlloc
TlsFree
GetUserDefaultLCID
DeleteCriticalSection
GetModuleFileNameA
IsBadCodePtr
GetCurrentThread
GetProcAddress
GetTimeZoneInformation
CreateMutexA
LocalReAlloc
GetLocaleInfoA
CompareStringA
IsValidCodePage
GetFileType
FindResourceExA
SetCurrentDirectoryA
GlobalLock

comdlg32

ChooseFontA
CommDlgExtendedError
PrintDlgA
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

comctl32

CreateStatusWindowW
_TrackMouseEvent

oleaut32

LoadTypeLi

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0363a8444ef9978c1d73bfdb7a154aff

Headers

File Characteristics

Imports

user32

gdi32

wininet

ole32

shlwapi

shell32

kernel32

comdlg32

comctl32

oleaut32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 100KB - Virtual size: 98KB

.data Size: 44KB - Virtual size: 65KB

.rsrc Size: 132KB - Virtual size: 128KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 100KB - Virtual size: 98KB

.data
Size: 44KB - Virtual size: 65KB

.rsrc
Size: 132KB - Virtual size: 128KB